Category Archives: Contingency Planning

Y2K … Two Decades Later

– Why didn’t I use the title “Y2K at Twenty” for this column to match “The FS-ISAC at Twenty” that was posted on BlogInfoSec on January 6, 2020? Good question … easy answer. Because The New York Times commandeered “Y2K @ 20” for their online presentations. I will get to one of…

The Cyber Tipping Point—Are We There Yet?

– As known cyberattacks are being reported as increasing in number, frequency and severity, you have to ask whether we are reaching, or have already reached, a tipping point where everyone gets so disgusted or frightened with the incessant and egregious barrage of attacks that they tune out. On…

Another Fifth … Quantum Dawn Cybersecurity Exercise

– Another Fifth … Quantum Dawn Cybersecurity Exercise Following my BlogInfoSec column “Taking the Fifth …” posted on October 29, 2019, I came across other “fives,” the most relevant of which was about Quantum Dawn V, which took place on November 7, 2019. This is the  fifth in a…

Pretending about Cybersecurity Risks

– I have written a couple of columns comparing cybersecurity risk management to managing climate change—one with the title “Cybersecurity Climate Change” (December 10, 2018), and the other “The Cybersecurity Paradox” (June 19, 2019)—and here’s another column on the topic. It was…

Are Ransom Payments Supporting Terrorists?

– Organizations, particularly those that recognize that they don’t have essential security and data recovery measures in place, have taken out cyber insurance, which they are regularly using to pay off ransomware attackers. I find it curious that these insurance companies seem to be willing to pay…